Job Description

:
Job title/Role: IAM Entra Engineer
Experience - 5 to 10 years
Location - Hyderabad, Bangalore, Pune.
About Zensar:
Zensar is a digital solutions company helping organizations around the world achieve new thresholds of business performance. We work with clients in banking and financial services, hi-tech and manufacturing, insurance, consumer services, and more. We prepare our clients for sustainable success through experience design, cloud technology, advanced analytics, and business acceleration.
Zensar is seeking an experienced Data Loss Prevention (DLP) specialist to join our global cyber security operations and incident response team. The DLP focused Cybersecurity Operations and Incident Response Engineer is a critical member of the team providing subject matter expertise in the detection, alerting, and investigation of DLP incidents. Successful candidates will have a strong background in DLP analytics, investigation, and incident management.
We are seeking a skilled and experienced Microsoft Entra ID Specialist to join our Identity and Access Management team. The ideal candidate will be responsible for implementing, managing, and optimizing our Microsoft Entra ID environment, with a focus on Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), and Single Sign-On (SSO) solutions. This role is critical in ensuring secure and efficient access to our organization\'s resources across cloud and on-premises environments.
Responsibilities
Microsoft Entra ID Management
Design, implement, and manage the Microsoft Entra ID infrastructure
Configure and maintain directory synchronization between on-premises Active Directory and Entra ID
Manage user lifecycles, including provisioning, deprovisioning, and access reviews
Implement and manage Entra ID Premium features
Role-Based Access Control (RBAC)
Design and implement RBAC policies aligned with organizational security requirements
Create and manage custom roles to meet specific business needs
Implement Privileged Identity Management (PIM) for just-in-time and time-bound role activation
Conduct regular access reviews and maintain the principle of least privilege
Integrate RBAC with various Microsoft and third-party applications
Multi-Factor Authentication (MFA)
Design and implement MFA strategies across the organization
Configure and manage various MFA methods (e.g., Microsoft Authenticator, SMS, phone call)
Implement risk-based Conditional Access policies in conjunction with MFA
Monitor and respond to MFA-related security events and user issues
Develop and maintain MFA bypass processes for emergency scenarios
Single Sign-On (SSO)
Implement and manage SSO for various cloud and on-premises applications
Configure and maintain federation services (AD FS) if required
Integrate third-party applications with Entra ID for SSO capabilities
Troubleshoot SSO-related issues and optimize the user experience
Implement and manage App Proxy for secure remote access to on-premises web applications
Security and Compliance
Implement and manage Conditional Access policies
Configure and maintain Identity Protection features to detect and remediate identity risks
Ensure compliance with relevant standards and regulations (e.g., GDPR, HIPAA)
Conduct regular security assessments of the Entra ID environment
Generate and analyze reports on identity and access-related security metrics
Monitoring and Troubleshooting
Set up and maintain monitoring for Entra ID services and related components
Troubleshoot complex identity and access-related issues
Analyze Entra ID logs and audit reports to identify potential security issues or areas for improvement
Develop and maintain runbooks for common identity and access management scenarios
Integration and Automation
Integrate Entra ID with other security tools and SIEM systems
Develop PowerShell scripts and utilize Graph API for identity management automation
Implement and manage Identity Governance solutions
Continuous Improvement
Stay updated with the latest Microsoft Entra ID features, security best practices, and industry trends
Evaluate and recommend new identity and access management technologies
Contribute to the development of identity and access management strategies and roadmaps
Requirements
Bachelor\'s degree in Computer Science, Information Technology, or a related field
5+ years of experience in IT, with at least 3 years focused on identity and access management
Strong experience with Microsoft Entra ID (Azure AD) and related technologies
In-depth knowledge of RBAC, MFA, and SSO concepts and implementations
Familiarity with on-premises Active Directory and hybrid identity scenarios
Experience with PowerShell scripting and Microsoft Graph API
Understanding of security protocols (e.g., SAML, OAuth, OpenID Connect)
Excellent problem-solving and analytical skills
Strong communication skills, both written and verbal
Microsoft 365 Certified: Enterprise Administrator Expert certification required
Additional certifications (e.g., CISSP, CISM) are a plus
Relationships:
You will work with CIS Team (Shared Services, Network, Security, Applications) architects, engineers, developers, support, and leadership team on projects and provides subject matter expertise as necessary.
Maintaining a good relationship with our global IT teams is key to your success. In your role you will need to be able to communicate with people at all levels in the organization and work with several of our suppliers and partners.